====== Differences ====== This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
appnotes:authmenus [2010/06/16 14:58] xfgolden |
appnotes:authmenus [2013/03/04 15:34] (current) genec Fix cmd.c32 -> gpxecmd.c32 |
||
---|---|---|---|
Line 13: | Line 13: | ||
SSLRequireSSL | SSLRequireSSL | ||
- | and a file "boot.php" containing | + | You must choose between being able to load vesamenu.c32 directly and loading the current version of vesamenu.c32. |
+ | ==== vesamenu.c32 current ==== | ||
+ | The current version of vesamenu.c32 can not be loaded directly from gPXE and requires PXELINUX as an intermediate layer. You will need two PHP files, a boot.php containing | ||
- | <?php | + | <?php |
- | + | ||
- | header ( "Content-type: text/plain" ); | + | header ( "Content-type: text/plain" ); |
- | + | echo "#!gpxe\n"; | |
- | echo "#!gpxe\n"; | + | |
- | echo "imgfree\n"; | + | $proto = "https"; |
- | echo "login\n"; | + | // Comment out/remove the following if strictly using HTTPS |
- | echo "chain ". | + | if (!isset($_SERVER["HTTPS"])) |
- | "https://\${username:uristring}:\${password:uristring}@". | + | $proto = "http"; |
- | $_SERVER["SERVER_NAME"]. | + | |
- | dirname ( $_SERVER["REQUEST_URI"] ). | + | // This assigns the host that gPXE should use using the most logical variables |
- | "/vesamenu.c32 menu.php\n"; | + | if ( $_SERVER["HTTP_HOST"] != "" ) { |
- | ?> | + | $host=$_SERVER["HTTP_HOST"]; |
+ | } else { | ||
+ | if ( $_SERVER["SERVER_NAME"] != 0) { | ||
+ | $host=$_SERVER["SERVER_NAME"]; | ||
+ | } else { | ||
+ | $host=$_SERVER["SERVER_ADDR"]; | ||
+ | } | ||
+ | } | ||
+ | |||
+ | // Comment out/remove the following if you are running on a standard port | ||
+ | if (!((! isset($_SERVER["HTTPS"]) ) && ($_SERVER["SERVER_PORT"] == 80)) | ||
+ | && !(isset($_SERVER["HTTPS"]) && ($_SERVER["SERVER_PORT"] == 443)) ){ | ||
+ | if (strrpos($host, ":") == FALSE) | ||
+ | $host=$host.":".$_SERVER["SERVER_PORT"]; | ||
+ | } | ||
+ | |||
+ | $uri=$_SERVER["REQUEST_URI"]; | ||
+ | $dir=substr ( $uri, 0, strrpos ($uri, "/") + 1); | ||
+ | |||
+ | echo "#!gpxe\n"; | ||
+ | echo "imgfree\n"; | ||
+ | echo "login\n"; | ||
+ | echo "set 209:string bootcfg.php\n"; | ||
+ | echo "set 210:string ". | ||
+ | $proto."://\${username:uristring}:\${password:uristring}@". | ||
+ | $host.$dir."\n"; | ||
+ | echo "chain \${210:string}pxelinux.0\n"; | ||
+ | ?> | ||
+ | |||
+ | and a bootcfg.php containing | ||
+ | |||
+ | <?php | ||
+ | |||
+ | header ( "Content-type: text/plain" ); | ||
+ | |||
+ | echo "UI runmenu\n\n"; | ||
+ | echo "LABEL runmenu\n"; | ||
+ | echo "COM32 vesamenu.c32\n"; | ||
+ | echo "APPEND menu.php\n"; | ||
+ | ?> | ||
+ | |||
+ | Selecting this method will require that you use gpxecmd.c32 to execute gPXE commands and scripts. | ||
+ | ==== vesamenu.c32 directly ==== | ||
+ | You will need a file "boot.php" containing | ||
+ | |||
+ | <?php | ||
+ | |||
+ | header ( "Content-type: text/plain" ); | ||
+ | |||
+ | $uri=$_SERVER["REQUEST_URI"]; | ||
+ | $dir=substr ( $uri, 0, strrpos ($uri, "/") + 1); | ||
+ | |||
+ | echo "#!gpxe\n"; | ||
+ | echo "imgfree\n"; | ||
+ | echo "login\n"; | ||
+ | echo "chain ". | ||
+ | "https://\${username:uristring}:\${password:uristring}@". | ||
+ | $_SERVER["HTTP_HOST"].$dir. | ||
+ | "vesamenu.c32 menu.php\n"; | ||
+ | ?> | ||
+ | |||
+ | In order to use vesamenu.c32 directly from gPXE, you must use Syslinux-3.86 from [[http://www.kernel.org/pub/linux/utils/boot/syslinux/3.xx/]] and not the latest version. | ||
+ | ==== Setup part 1 continued ==== | ||
Configure your DHCP server to hand out //boot.php// as the boot file, using something like (for ISC dhcpd)((If you are using PXE-chaining, you may want to investigate the various methods for avoiding infinite loops described in the [[:pxechaining|PXE chainloading]] HowTo.)): | Configure your DHCP server to hand out //boot.php// as the boot file, using something like (for ISC dhcpd)((If you are using PXE-chaining, you may want to investigate the various methods for avoiding infinite loops described in the [[:pxechaining|PXE chainloading]] HowTo.)): | ||
filename "https://my.web.server/boot/boot.php"; | filename "https://my.web.server/boot/boot.php"; | ||
- | Download the latest //syslinux// tarball from [[http://www.kernel.org/pub/linux/utils/boot/syslinux/]] and build it. Copy the files //com32/menu/vesamenu.c32// and //com32/modules/cmd.c32//((At the time of writing, //cmd.c32// is not yet integrated into a //syslinux// release; you will need to apply the patch from [[http://rom.etherboot.org/share/mcb30/syslinux-cmd.patch]] before building //syslinux//, or just grab the prebuilt //cmd.c32// binary from [[http://rom.etherboot.org/share/mcb30/cmd.c32]].)) into the "boot" directory on the web server. | + | Download the latest //syslinux// tarball from [[http://www.kernel.org/pub/linux/utils/boot/syslinux/]] and extract it. Copy the files //com32/menu/vesamenu.c32// and //com32/modules/gpxecmd.c32// into the "boot" directory on the web server. |
===== Setup (interesting part) ===== | ===== Setup (interesting part) ===== | ||
Line 70: | Line 134: | ||
function sanboot ( $label, $root_path ) { | function sanboot ( $label, $root_path ) { | ||
label ( $label ); | label ( $label ); | ||
- | echo " kernel cmd.c32\n"; | + | echo " kernel gpxecmd.c32\n"; |
echo " append sanboot ".$root_path."\n"; | echo " append sanboot ".$root_path."\n"; | ||
echo "\n"; | echo "\n"; | ||
Line 171: | Line 235: | ||
label item1 | label item1 | ||
menu label ^1 MS-DOS 6.22 | menu label ^1 MS-DOS 6.22 | ||
- | kernel cmd.c32 | + | kernel gpxecmd.c32 |
append sanboot iscsi:chipmunk.tuntap::::iqn.2007-07.chipmunk:msdos622 | append sanboot iscsi:chipmunk.tuntap::::iqn.2007-07.chipmunk:msdos622 | ||
| | ||
label item2 | label item2 | ||
menu label ^2 Windows 2k3 | menu label ^2 Windows 2k3 | ||
- | kernel cmd.c32 | + | kernel gpxecmd.c32 |
append sanboot iscsi:chipmunk.tuntap::::iqn.2007-07.chipmunk:win2k3 | append sanboot iscsi:chipmunk.tuntap::::iqn.2007-07.chipmunk:win2k3 | ||
| | ||
Line 206: | Line 270: | ||
Note that Windows imposes a minimum password length of 12 characters, and a maximum of 16 characters, for iSCSI authentication; this scheme will silently break unless your password policy enforces an appropriate min/max password length of 12<-->16 characters. | Note that Windows imposes a minimum password length of 12 characters, and a maximum of 16 characters, for iSCSI authentication; this scheme will silently break unless your password policy enforces an appropriate min/max password length of 12<-->16 characters. | ||
- | |||
- |